Strange behaviour of IPTables!!!!!!

Postby TheElectron707 » Thu Feb 05, 2004 1:02 pm

I am trying to set up a gateway server. I sometimes get a strange problem when I set up my iptables as follows:
#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

My IPs are configured on eth0, one as
eth0 -- 210.56.xxx.xxx
eth0:0 -- 192.168.0.1

My clients can ping me. The basic policy of all my iptables is ACCEPT, so that none of the packets get dropped for any reason (at the first stage I want this thing to work).

My Linux server box can itself connect to and access the internet (I tried it using nslookup and browsed some sites with lynx).

Sometimes the computer starts to work (very few times) and sometimes with the same configuration it stops working. I even enabled logging like:

#iptables -t nat -A POSTROUTING -o eth0 -j LOG

When my gateway is working, logging is being done, but when my server stops working nothing is logged. I have tried restarting clients/servers, everything... What could be wrong? Please help, I am desperate.
TheElectron707
Lance Naik
 
Posts: 28
Joined: Sun Jun 08, 2003 10:46 am
Location: Lahore

One more thing

Postby TheElectron707 » Thu Feb 05, 2004 1:22 pm

One more thing that I noticed when I logged any input request coming to my computer using the following:

#iptables -t filter -A INPUT -s 192.168.0.0/24 -j LOG
#iptables -t filter -A OUTPUT -d 192.168.0.0/24 -j LOG

that whenever my client requests a webpage, there is a DNS request on port 53, and my computer does respond back on port 53, but the client on its end is unable to resolve the hostname.
Then I restarted the "named" service and everything started to work again!
But after some time the same problem comes again... Why is this happening? Well, the above clue shows some problem with me being the DNS gateway, but sometimes it works and sometimes it does not? Or maybe some other problem?

Thanks in advance!
TheElectron707
Lance Naik
 
Posts: 28
Joined: Sun Jun 08, 2003 10:46 am
Location: Lahore

Postby zaeemarshad » Thu Feb 05, 2004 3:32 pm

Always, always tell us about your distro. More issues are distro-specific than program-specific. Anyway, make sure that both iptables and named are running when your computer starts and that there are no stale earlier rules lying around that might cause the stink. :)

chkconfig --level 35 iptables on
chkconfig --level 35 named on

Type this and both these services will start automatically at bootup.

Regards
Zaeem
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad
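
Added example, not part of the original thread or any poster's code: one way to check for the stale rules mentioned in the reply above. It reads `iptables-save`-format text and, going slightly beyond the reply, reports both rules appended more than once and LOG rules that sit behind a terminating rule with the same match, which are never reached. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format, built from the commands quoted
# in this thread with the MASQUERADE rule appended twice.
sample_ruleset() {
cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o eth0 -j LOG
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 192.168.0.0/24 -j LOG
-A OUTPUT -d 192.168.0.0/24 -j LOG
COMMIT
EOF
}

# audit_rules (hypothetical helper): reads iptables-save output on stdin and
# prints one finding per line.
audit_rules() {
  awk '
    # A line such as "*nat" starts a new table section.
    substr($0, 1, 1) == "*" { table = substr($0, 2); next }
    /^-A / {
      # The same rule text seen twice in one table is a leftover append.
      if (seen[table " " $0]++) print "DUPLICATE " table ": " $0
      n = index($0, " -j ")
      if (n == 0) next
      m = table " " substr($0, 1, n - 1)   # table + chain + match part
      split(substr($0, n + 4), t, " ")
      target = t[1]
      # LOG is non-terminating; behind a terminating rule with an identical
      # match it is never evaluated.
      if (target == "LOG" && (m in term))
        print "SHADOWED " table ": " $0 " (after " term[m] ")"
      else if (target ~ /^(ACCEPT|DROP|REJECT|MASQUERADE|SNAT|DNAT)$/ && !(m in term))
        term[m] = target
    }
  '
}

sample_ruleset | audit_rules
```

On a live gateway the same function can be fed with `iptables-save | audit_rules` as root.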

Postby TheElectron707 » Thu Feb 05, 2004 3:41 pm

Sorry about the distro thing. I am using Mandrake 9.1,
and named and iptables do get automatically started at bootup.
TheElectron707
Lance Naik
 
Posts: 28
Joined: Sun Jun 08, 2003 10:46 am
Location: Lahore

